{"id": "FEDORA_2015-13287.NASL", "bulletinFamily": "scanner", "title": "Fedora 23 : gnutls-3.4.4-1.fc23 (2015-13287)", "description": "new upstream release\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "published": "2015-09-01T00:00:00", "modified": "2015-09-01T00:00:00", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "href": "https://www.tenable.com/plugins/nessus/85709", "reporter": "This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.", "references": ["http://www.nessus.org/u?5b85f88c", "https://bugzilla.redhat.com/show_bug.cgi?id=1251902"], "cvelist": ["CVE-2015-6251"], "type": "nessus", "lastseen": "2021-01-12T10:13:17", "edition": 17, "viewCount": 1, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2015-6251"]}, {"type": "f5", "idList": ["F5:K17335", "SOL17335"]}, {"type": "archlinux", "idList": ["ASA-201508-8"]}, {"type": "fedora", "idList": ["FEDORA:7E860604CD1E"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310703334", "OPENVAS:703334", "OPENVAS:1361412562310130061", "OPENVAS:1361412562310842448"]}, {"type": "slackware", "idList": ["SSA-2016-254-01", "SSA-2015-233-01"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:14648"]}, {"type": "freebsd", "idList": ["EC6A2A1E-429D-11E5-9DAA-14DAE9D210B8"]}, {"type": "nessus", "idList": ["SLACKWARE_SSA_2016-254-01.NASL", "FREEBSD_PKG_EC6A2A1E429D11E59DAA14DAE9D210B8.NASL", "OPENSUSE-2015-567.NASL", "UBUNTU_USN-2727-1.NASL", "SLACKWARE_SSA_2015-233-01.NASL", "DEBIAN_DSA-3334.NASL", "SUSE_SU-2015-1518-1.NASL"]}, {"type": "ubuntu", "idList": ["USN-2727-1"]}], "modified": "2021-01-12T10:13:17", "rev": 2}, "score": {"value": 5.3, "vector": "NONE", "modified": "2021-01-12T10:13:17", "rev": 2}, "vulnersScore": 5.3}, "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2015-13287.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(85709);\n script_version(\"2.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2015-6251\");\n script_xref(name:\"FEDORA\", value:\"2015-13287\");\n\n script_name(english:\"Fedora 23 : gnutls-3.4.4-1.fc23 (2015-13287)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"new upstream release\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1251902\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2015-September/165286.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?5b85f88c\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected gnutls package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:gnutls\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:23\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/09/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/09/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^23([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 23.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC23\", reference:\"gnutls-3.4.4-1.fc23\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"gnutls\");\n}\n", "naslFamily": "Fedora Local Security Checks", "pluginID": "85709", "cpe": ["p-cpe:/a:fedoraproject:fedora:gnutls", "cpe:/o:fedoraproject:fedora:23"], "scheme": null}

{"cve": [{"lastseen": "2020-10-03T12:49:54", "description": "Double free vulnerability in GnuTLS before 3.3.17 and 3.4.x before 3.4.4 allows remote attackers to cause a denial of service via a long DistinguishedName (DN) entry in a certificate.\n<a href=\"http://cwe.mitre.org/data/definitions/415.html\">CWE-415: Double Free</a>", "edition": 3, "cvss3": {}, "published": "2015-08-24T14:59:00", "title": "CVE-2015-6251", "type": "cve", "cwe": ["NVD-CWE-Other"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-6251"], "modified": "2016-12-24T02:59:00", "cpe": ["cpe:/a:gnu:gnutls:3.3.7", "cpe:/a:gnu:gnutls:3.3.4", "cpe:/a:gnu:gnutls:3.3.15", "cpe:/a:gnu:gnutls:3.3.9", "cpe:/o:debian:debian_linux:8.0", "cpe:/a:gnu:gnutls:3.4.0", "cpe:/a:gnu:gnutls:3.3.12", "cpe:/a:gnu:gnutls:3.3.2", "cpe:/a:gnu:gnutls:3.4.2", "cpe:/a:gnu:gnutls:3.4.1", "cpe:/a:gnu:gnutls:3.3.16", "cpe:/a:gnu:gnutls:3.3.14", "cpe:/a:gnu:gnutls:3.3.5", "cpe:/a:gnu:gnutls:3.3.3", "cpe:/a:gnu:gnutls:3.3.10", "cpe:/a:gnu:gnutls:3.3.8", "cpe:/a:gnu:gnutls:3.3.13", "cpe:/a:gnu:gnutls:3.3.6", "cpe:/a:gnu:gnutls:3.3.0", "cpe:/a:gnu:gnutls:3.4.3", "cpe:/a:gnu:gnutls:3.3.11", "cpe:/a:gnu:gnutls:3.3.1"], "id": "CVE-2015-6251", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-6251", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:gnu:gnutls:3.3.14:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:3.3.12:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:3.3.0:-:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:3.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:3.3.7:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:3.3.8:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:3.3.11:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:3.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:3.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:3.3.13:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:3.3.15:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:3.4.3:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:3.3.4:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:3.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:3.3.3:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:3.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:3.3.5:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:3.3.10:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:3.3.9:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:3.3.6:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:3.3.0:pre0:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:3.3.16:*:*:*:*:*:*:*"]}], "f5": [{"lastseen": "2017-06-08T10:19:04", "bulletinFamily": "software", "cvelist": ["CVE-2015-6251"], "edition": 1, "description": "\nF5 Product Development has assigned ID 538042 (BIG-IP) and ID 454906 (ARX) to this vulnerability, and has evaluated the currently supported releases for potential vulnerability.\n\nTo determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table:\n\nProduct| Versions known to be vulnerable| Versions known to be not vulnerable| Severity| Vulnerable component or feature \n---|---|---|---|--- \nBIG-IP LTM| None| 12.0.0 - 12.1.0 \n11.0.0 - 11.6.0 \n10.1.0 - 10.2.4| Not vulnerable| None \nBIG-IP AAM| None| 12.0.0 - 12.1.0 \n11.4.0 - 11.6.0| Not vulnerable| None \nBIG-IP AFM| None| 12.0.0 - 12.1.0 \n11.3.0 - 11.6.0| Not vulnerable| None \nBIG-IP Analytics| None| 12.0.0 - 12.1.0 \n11.0.0 - 11.6.0| Not vulnerable| None \nBIG-IP APM| None| 12.0.0 - 12.1.0 \n11.0.0 - 11.6.0 \n10.1.0 - 10.2.4| Not vulnerable| None \nBIG-IP ASM| None| 12.0.0 - 12.1.0 \n11.0.0 - 11.6.0 \n10.1.0 - 10.2.4| Not vulnerable| None \nBIG-IP DNS| None| 12.0.0 - 12.1.0| Not vulnerable| None \nBIG-IP Edge Gateway| None| 11.0.0 - 11.3.0 \n10.1.0 - 10.2.4| Not vulnerable| None \nBIG-IP GTM| None| 11.0.0 - 11.6.0 \n10.1.0 - 10.2.4| Not vulnerable| None \nBIG-IP Link Controller| None| 12.0.0 - 12.1.0 \n11.0.0 - 11.6.0 \n10.1.0 - 10.2.4| Not vulnerable| None \nBIG-IP PEM| None| 12.0.0 - 12.1.0 \n11.3.0 - 11.6.0| Not vulnerable| None \nBIG-IP PSM| None| 11.0.0 - 11.4.1 \n10.1.0 - 10.2.4| Not vulnerable| None \nBIG-IP WebAccelerator| None| 11.0.0 - 11.3.0 \n10.1.0 - 10.2.4| Not vulnerable| None \nBIG-IP WOM| None| 11.0.0 - 11.3.0 \n10.1.0 - 10.2.4| Not vulnerable| None \nARX| 6.0.0 - 6.4.0| None| Medium| GNUTLS library \nEnterprise Manager| None| 3.0.0 - 3.1.1| Not vulnerable| None \nFirePass| None| 7.0.0 \n6.0.0 - 6.1.0| Not vulnerable| None \nBIG-IQ Cloud| None| 4.0.0 - 4.5.0| Not vulnerable| None \nBIG-IQ Device| None| 4.2.0 - 4.5.0| Not vulnerable| None \nBIG-IQ Security| None| 4.0.0 - 4.5.0| Not vulnerable| None \nBIG-IQ ADC| None| 4.5.0| Not vulnerable| None \nLineRate| None| 2.5.0 - 2.6.1| Not vulnerable| None \nF5 WebSafe| None| 1.0.0| Not vulnerable| None \nTraffix SDC| None| 4.0.0 - 4.4.0 \n3.3.2 - 3.5.1| Not vulnerable| None\n\nIf you are running a version listed in the **Versions known to be vulnerable** column, you can eliminate this vulnerability by upgrading to a version listed in the** Versions known to be not vulnerable** column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.\n\nF5 responds to vulnerabilities in accordance with the **Severity** values published in the previous table. The **Severity** values and other security vulnerability parameters are defined in [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>).\n\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n * [K167: Downloading software and firmware from F5](<https://support.f5.com/csp/article/K167>)\n", "modified": "2017-03-14T22:07:00", "published": "2015-09-29T10:30:00", "href": "https://support.f5.com/csp/article/K17335", "id": "F5:K17335", "title": "GnuTLS vulnerability CVE-2015-6251", "type": "f5", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2016-09-26T17:22:54", "bulletinFamily": "software", "cvelist": ["CVE-2015-6251"], "edition": 1, "description": "Vulnerability Recommended Actions\n\nIf you are running a version listed in the **Versions known to be vulnerable** column, you can eliminate this vulnerability by upgrading to a version listed in the** Versions known to be not vulnerable** column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.\n\nF5 responds to vulnerabilities in accordance with the **Severity** values published in the previous table. The **Severity** values and other security vulnerability parameters are defined in SOL4602: Overview of the F5 security vulnerability response policy.\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents\n * SOL4918: Overview of the F5 critical issue hotfix policy\n * SOL167: Downloading software and firmware from F5\n", "modified": "2016-06-02T00:00:00", "published": "2015-09-29T00:00:00", "href": "http://support.f5.com/kb/en-us/solutions/public/17000/300/sol17335.html", "id": "SOL17335", "title": "SOL17335 - GnuTLS vulnerability CVE-2015-6251", "type": "f5", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "archlinux": [{"lastseen": "2016-09-02T18:44:43", "bulletinFamily": "unix", "cvelist": ["CVE-2015-6251"], "description": "Kurt Roeckx reported that decoding a specific certificate with very long\nDistinguishedName (DN) entries leads to double free, which may result to\na denial of service. Since the DN decoding occurs in almost all\napplications using certificates it is recommended to upgrade the latest\nGnuTLS version fixing the issue.", "modified": "2015-08-25T00:00:00", "published": "2015-08-25T00:00:00", "id": "ASA-201508-8", "href": "https://lists.archlinux.org/pipermail/arch-security/2015-August/000385.html", "type": "archlinux", "title": "gnutls: denial of service", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "fedora": [{"lastseen": "2020-12-21T08:17:53", "bulletinFamily": "unix", "cvelist": ["CVE-2015-6251"], "description": "GnuTLS is a secure communications library implementing the SSL, TLS and DTLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure communications protocols as well as APIs to parse and write X.509, PKCS #12, OpenPGP and other required structures. ", "modified": "2015-09-01T03:49:46", "published": "2015-09-01T03:49:46", "id": "FEDORA:7E860604CD1E", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 23 Update: gnutls-3.4.4-1.fc23", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "openvas": [{"lastseen": "2019-05-29T18:36:34", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-6251"], "description": "Kurt Roeckx discovered that decoding a specific certificate with very\nlong DistinguishedName (DN) entries leads to double free. A remote\nattacker can take advantage of this flaw by creating a specially crafted\ncertificate that, when processed by an application compiled against\nGnuTLS, could cause the application to crash resulting in a denial of\nservice.", "modified": "2019-03-18T00:00:00", "published": "2015-08-12T00:00:00", "id": "OPENVAS:1361412562310703334", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310703334", "type": "openvas", "title": "Debian Security Advisory DSA 3334-1 (gnutls28 - security update)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3334.nasl 14275 2019-03-18 14:39:45Z cfischer $\n# Auto-generated from advisory DSA 3334-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.703334\");\n script_version(\"$Revision: 14275 $\");\n script_cve_id(\"CVE-2015-6251\");\n script_name(\"Debian Security Advisory DSA 3334-1 (gnutls28 - security update)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:39:45 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-08-12 00:00:00 +0200 (Wed, 12 Aug 2015)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2015/dsa-3334.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB8\");\n script_tag(name:\"affected\", value:\"gnutls28 on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the stable distribution (jessie), this problem has been fixed in\nversion 3.3.8-6+deb8u2.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 3.3.17-1.\n\nWe recommend that you upgrade your gnutls28 packages.\");\n script_tag(name:\"summary\", value:\"Kurt Roeckx discovered that decoding a specific certificate with very\nlong DistinguishedName (DN) entries leads to double free. A remote\nattacker can take advantage of this flaw by creating a specially crafted\ncertificate that, when processed by an application compiled against\nGnuTLS, could cause the application to crash resulting in a denial of\nservice.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"gnutls-bin\", ver:\"3.3.8-6+deb8u2\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"gnutls-doc\", ver:\"3.3.8-6+deb8u2\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"guile-gnutls\", ver:\"3.3.8-6+deb8u2\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libgnutls-deb0-28\", ver:\"3.3.8-6+deb8u2\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libgnutls-openssl27\", ver:\"3.3.8-6+deb8u2\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libgnutls28-dbg\", ver:\"3.3.8-6+deb8u2\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libgnutls28-dev\", ver:\"3.3.8-6+deb8u2\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libgnutlsxx28\", ver:\"3.3.8-6+deb8u2\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2017-07-24T12:52:56", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-6251"], "description": "Kurt Roeckx discovered that decoding a specific certificate with very\nlong DistinguishedName (DN) entries leads to double free. A remote\nattacker can take advantage of this flaw by creating a specially crafted\ncertificate that, when processed by an application compiled against\nGnuTLS, could cause the application to crash resulting in a denial of\nservice.", "modified": "2017-07-07T00:00:00", "published": "2015-08-12T00:00:00", "id": "OPENVAS:703334", "href": "http://plugins.openvas.org/nasl.php?oid=703334", "type": "openvas", "title": "Debian Security Advisory DSA 3334-1 (gnutls28 - security update)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3334.nasl 6609 2017-07-07 12:05:59Z cfischer $\n# Auto-generated from advisory DSA 3334-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\n\nif(description)\n{\n script_id(703334);\n script_version(\"$Revision: 6609 $\");\n script_cve_id(\"CVE-2015-6251\");\n script_name(\"Debian Security Advisory DSA 3334-1 (gnutls28 - security update)\");\n script_tag(name: \"last_modification\", value: \"$Date: 2017-07-07 14:05:59 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name: \"creation_date\", value: \"2015-08-12 00:00:00 +0200 (Wed, 12 Aug 2015)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name: \"solution_type\", value: \"VendorFix\");\n script_tag(name: \"qod_type\", value: \"package\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2015/dsa-3334.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: \"gnutls28 on Debian Linux\");\n script_tag(name: \"solution\", value: \"For the stable distribution (jessie), this problem has been fixed in\nversion 3.3.8-6+deb8u2.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 3.3.17-1.\n\nWe recommend that you upgrade your gnutls28 packages.\");\n script_tag(name: \"summary\", value: \"Kurt Roeckx discovered that decoding a specific certificate with very\nlong DistinguishedName (DN) entries leads to double free. A remote\nattacker can take advantage of this flaw by creating a specially crafted\ncertificate that, when processed by an application compiled against\nGnuTLS, could cause the application to crash resulting in a denial of\nservice.\");\n script_tag(name: \"vuldetect\", value: \"This check tests the installed software version using the apt package manager.\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"gnutls-bin\", ver:\"3.3.8-6+deb8u2\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"gnutls-doc\", ver:\"3.3.8-6+deb8u2\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"guile-gnutls\", ver:\"3.3.8-6+deb8u2\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgnutls-deb0-28\", ver:\"3.3.8-6+deb8u2\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgnutls-openssl27\", ver:\"3.3.8-6+deb8u2\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgnutls28-dbg\", ver:\"3.3.8-6+deb8u2\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgnutls28-dev\", ver:\"3.3.8-6+deb8u2\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgnutlsxx28\", ver:\"3.3.8-6+deb8u2\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:36:35", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-3308", "CVE-2015-6251"], "description": "The remote host is missing an update for the ", "modified": "2019-03-13T00:00:00", "published": "2015-09-18T00:00:00", "id": "OPENVAS:1361412562310842448", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310842448", "type": "openvas", "title": "Ubuntu Update for gnutls28 USN-2727-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for gnutls28 USN-2727-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.842448\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-09-18 10:43:31 +0200 (Fri, 18 Sep 2015)\");\n script_cve_id(\"CVE-2015-3308\", \"CVE-2015-6251\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for gnutls28 USN-2727-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'gnutls28'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"It was discovered that GnuTLS incorrectly\nhandled parsing CRL distribution points. A remote attacker could possibly use\nthis issue to cause a denial of service, or execute arbitrary code. (CVE-2015-3308)\n\nKurt Roeckx discovered that GnuTLS incorrectly handled a long\nDistinguishedName (DN) entry in a certificate. A remote attacker could\npossibly use this issue to cause a denial of service, or execute arbitrary\ncode. (CVE-2015-6251)\");\n script_tag(name:\"affected\", value:\"gnutls28 on Ubuntu 15.04\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_xref(name:\"USN\", value:\"2727-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-2727-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU15\\.04\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU15.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libgnutls-deb0-28:amd64\", ver:\"3.3.8-3ubuntu3.1\", rls:\"UBUNTU15.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libgnutls-deb0-28:i386\", ver:\"3.3.8-3ubuntu3.1\", rls:\"UBUNTU15.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-02-04T18:48:30", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-0294", "CVE-2015-6251"], "description": "Mageia Linux Local Security Checks mgasa-2015-0322", "modified": "2020-02-04T00:00:00", "published": "2015-10-15T00:00:00", "id": "OPENVAS:1361412562310130061", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310130061", "type": "openvas", "title": "Mageia Linux Local Check: mgasa-2015-0322", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mageia Linux security check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://www.solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.130061\");\n script_version(\"2020-02-04T09:04:16+0000\");\n script_tag(name:\"creation_date\", value:\"2015-10-15 10:42:12 +0300 (Thu, 15 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"2020-02-04 09:04:16 +0000 (Tue, 04 Feb 2020)\");\n script_name(\"Mageia Linux Local Check: mgasa-2015-0322\");\n script_tag(name:\"insight\", value:\"It was reported that GnuTLS does not check whether the two signature algorithms match on certificate import (CVE-2015-0294). Kurt Roeckx discovered that decoding a specific certificate with very long DistinguishedName (DN) entries leads to double free. A remote attacker can take advantage of this flaw by creating a specially crafted certificate that, when processed by an application compiled against GnuTLS, could cause the application to crash resulting in a denial of service (CVE-2015-6251).\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://advisories.mageia.org/MGASA-2015-0322.html\");\n script_cve_id(\"CVE-2015-0294\", \"CVE-2015-6251\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mageia_linux\", \"ssh/login/release\", re:\"ssh/login/release=MAGEIA5\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"Mageia Linux Local Security Checks mgasa-2015-0322\");\n script_copyright(\"Eero Volotinen\");\n script_family(\"Mageia Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"MAGEIA5\")\n{\nif ((res = isrpmvuln(pkg:\"gnutls\", rpm:\"gnutls~3.2.21~1.1.mga5\", rls:\"MAGEIA5\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}], "slackware": [{"lastseen": "2020-10-25T16:36:04", "bulletinFamily": "unix", "cvelist": ["CVE-2015-6251"], "description": "New gnutls packages are available for Slackware 14.0, 14.1, and -current to\nfix security issues.\n\nIMPORTANT: On Slackware 14.0, install the new updated nettle package first.\n\n\nHere are the details from the Slackware 14.1 ChangeLog:\n\npatches/packages/gnutls-3.3.17.1-i486-1_slack14.1.txz: Upgraded.\n This update fixes some bugs and security issues.\n For more information, see:\n http://www.gnutls.org/security.html#GNUTLS-SA-2015-2\n http://www.gnutls.org/security.html#GNUTLS-SA-2015-3\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6251\n (* Security fix *)\n\nWhere to find the new packages:\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you.\n\nUpdated package for Slackware 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/gnutls-3.3.17.1-i486-1_slack14.0.txz\n\nUpdated package for Slackware x86_64 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/gnutls-3.3.17.1-x86_64-1_slack14.0.txz\n\nUpdated package for Slackware 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/gnutls-3.3.17.1-i486-1_slack14.1.txz\n\nUpdated package for Slackware x86_64 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/gnutls-3.3.17.1-x86_64-1_slack14.1.txz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/gnutls-3.4.4.1-i586-1.txz\n\nUpdated package for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/gnutls-3.4.4.1-x86_64-1.txz\n\n\nMD5 signatures:\n\nSlackware 14.0 package:\n2658a7061f9920cde5dfcb22425c127a gnutls-3.3.17.1-i486-1_slack14.0.txz\n\nSlackware x86_64 14.0 package:\n357bcae385268d44bc865429fd8cc4a2 gnutls-3.3.17.1-x86_64-1_slack14.0.txz\n\nSlackware 14.1 package:\nb430addfad1fc665de4dffc349cf9411 gnutls-3.3.17.1-i486-1_slack14.1.txz\n\nSlackware x86_64 14.1 package:\n76b05e6a90c86e1c6a7d85020c24bde5 gnutls-3.3.17.1-x86_64-1_slack14.1.txz\n\nSlackware -current package:\n07483f2fc936497380949cfeb36e4b3d n/gnutls-3.4.4.1-i586-1.txz\n\nSlackware x86_64 -current package:\nb794877ee2edee391dc8357d835950a0 n/gnutls-3.4.4.1-x86_64-1.txz\n\n\nInstallation instructions:\n\nUpgrade the package as root:\n > upgradepkg gnutls-3.3.17.1-i486-1_slack14.1.txz", "modified": "2015-08-21T23:30:43", "published": "2015-08-21T23:30:43", "id": "SSA-2015-233-01", "href": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.395455", "type": "slackware", "title": "[slackware-security] gnutls", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-10-25T16:36:15", "bulletinFamily": "unix", "cvelist": ["CVE-2015-6251"], "description": "New gnutls packages are available for Slackware 14.0, 14.1, 14.2, and -current\nto fix a security issue.\n\n\nHere are the details from the Slackware 14.2 ChangeLog:\n\npatches/packages/gnutls-3.4.15-i586-1_slack14.2.txz: Upgraded.\n This update fixes some bugs and security issues.\n For more information, see:\n http://www.gnutls.org/security.html#GNUTLS-SA-2015-2\n http://www.gnutls.org/security.html#GNUTLS-SA-2015-3\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6251\n (* Security fix *)\n\nWhere to find the new packages:\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you.\n\nUpdated package for Slackware 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/gnutls-3.3.24-i486-1_slack14.0.txz\n\nUpdated package for Slackware x86_64 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/gnutls-3.3.24-x86_64-1_slack14.0.txz\n\nUpdated package for Slackware 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/gnutls-3.3.24-i486-1_slack14.1.txz\n\nUpdated package for Slackware x86_64 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/gnutls-3.3.24-x86_64-1_slack14.1.txz\n\nUpdated package for Slackware 14.2:\nftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/gnutls-3.4.15-i586-1_slack14.2.txz\n\nUpdated package for Slackware x86_64 14.2:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/gnutls-3.4.15-x86_64-1_slack14.2.txz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/gnutls-3.4.15-i586-1.txz\n\nUpdated package for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/gnutls-3.4.15-x86_64-1.txz\n\n\nMD5 signatures:\n\nSlackware 14.0 package:\n9fb4d8cc5fc3934456bfcc45ef206288 gnutls-3.3.24-i486-1_slack14.0.txz\n\nSlackware x86_64 14.0 package:\n096978e66dccf37f7182bcbef8550d98 gnutls-3.3.24-x86_64-1_slack14.0.txz\n\nSlackware 14.1 package:\n991a332f840cb55112ecc937d3dcbec7 gnutls-3.3.24-i486-1_slack14.1.txz\n\nSlackware x86_64 14.1 package:\n0916d0add976a12b59f7a52afbc7fb98 gnutls-3.3.24-x86_64-1_slack14.1.txz\n\nSlackware 14.2 package:\nd3c1e223880db5b366149e04c30fcbc5 gnutls-3.4.15-i586-1_slack14.2.txz\n\nSlackware x86_64 14.2 package:\n5d6e3da9c353774c60a7ed9b22214203 gnutls-3.4.15-x86_64-1_slack14.2.txz\n\nSlackware -current package:\n67ff2dcd327cc5a0781bfa6cb6553932 n/gnutls-3.4.15-i586-1.txz\n\nSlackware x86_64 -current package:\n95037c7af4bc6528b6333085d7ae3aca n/gnutls-3.4.15-x86_64-1.txz\n\n\nInstallation instructions:\n\nUpgrade the package as root:\n > upgradepkg gnutls-3.4.15-i586-1_slack14.2.txz", "modified": "2016-09-10T19:39:21", "published": "2016-09-10T19:39:21", "id": "SSA-2016-254-01", "href": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.425821", "type": "slackware", "title": "[slackware-security] gnutls", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:02", "bulletinFamily": "software", "cvelist": ["CVE-2015-6251"], "description": "Double free on DN parsing.", "edition": 1, "modified": "2015-08-24T00:00:00", "published": "2015-08-24T00:00:00", "id": "SECURITYVULNS:VULN:14648", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:14648", "title": "GnuTLS double free", "type": "securityvulns", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "freebsd": [{"lastseen": "2019-05-29T18:33:06", "bulletinFamily": "unix", "cvelist": ["CVE-2015-6251"], "description": "\ngnutls.org reports:\n\nKurt Roeckx reported that decoding a specific certificate with very\n\t long DistinguishedName (DN) entries leads to double free, which may\n\t result to a denial of service. Since the DN decoding occurs in almost\n\t all applications using certificates it is recommended to upgrade the\n\t latest GnuTLS version fixing the issue. Recommendation: Upgrade to\n\t GnuTLS 3.4.4, or 3.3.17.\n\n", "edition": 4, "modified": "2015-08-18T00:00:00", "published": "2015-07-20T00:00:00", "id": "EC6A2A1E-429D-11E5-9DAA-14DAE9D210B8", "href": "https://vuxml.freebsd.org/freebsd/ec6a2a1e-429d-11e5-9daa-14dae9d210b8.html", "title": "gnutls -- double free in certificate DN decoding", "type": "freebsd", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "nessus": [{"lastseen": "2020-06-05T11:12:27", "description": "Gnutls was updated to fix one security issue.\n\nThe following vulnerability was fixed :\n\n - CVE-2015-6251: Decoding specific certificates with very\n long DistinguishedName (DN) entries could have caused a\n double free, which may have resulted in a Denial of\n Service (GNUTLS-SA-2015-3)", "edition": 16, "published": "2015-09-08T00:00:00", "title": "openSUSE Security Update : gnutls (openSUSE-2015-567)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-6251"], "modified": "2015-09-08T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libgnutlsxx28-debuginfo", "p-cpe:/a:novell:opensuse:libgnutls28-debuginfo", "p-cpe:/a:novell:opensuse:libgnutls28-debuginfo-32bit", "p-cpe:/a:novell:opensuse:libgnutls28", "p-cpe:/a:novell:opensuse:libgnutls-openssl-devel", "p-cpe:/a:novell:opensuse:libgnutlsxx28", "p-cpe:/a:novell:opensuse:libgnutls-openssl27-debuginfo", "p-cpe:/a:novell:opensuse:libgnutls28-32bit", "p-cpe:/a:novell:opensuse:libgnutlsxx-devel", "p-cpe:/a:novell:opensuse:libgnutls-openssl27", "cpe:/o:novell:opensuse:13.2", "p-cpe:/a:novell:opensuse:gnutls", "p-cpe:/a:novell:opensuse:libgnutls-devel", "p-cpe:/a:novell:opensuse:gnutls-debugsource", "cpe:/o:novell:opensuse:13.1", "p-cpe:/a:novell:opensuse:gnutls-debuginfo", "p-cpe:/a:novell:opensuse:libgnutls-devel-32bit"], "id": "OPENSUSE-2015-567.NASL", "href": "https://www.tenable.com/plugins/nessus/85836", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2015-567.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(85836);\n script_version(\"2.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/06/04\");\n\n script_cve_id(\"CVE-2015-6251\");\n\n script_name(english:\"openSUSE Security Update : gnutls (openSUSE-2015-567)\");\n script_summary(english:\"Check for the openSUSE-2015-567 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Gnutls was updated to fix one security issue.\n\nThe following vulnerability was fixed :\n\n - CVE-2015-6251: Decoding specific certificates with very\n long DistinguishedName (DN) entries could have caused a\n double free, which may have resulted in a Denial of\n Service (GNUTLS-SA-2015-3)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=941794\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected gnutls packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:gnutls\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:gnutls-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:gnutls-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libgnutls-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libgnutls-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libgnutls-openssl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libgnutls-openssl27\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libgnutls-openssl27-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libgnutls28\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libgnutls28-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libgnutls28-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libgnutls28-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libgnutlsxx-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libgnutlsxx28\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libgnutlsxx28-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/08/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/09/08\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2020 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE13\\.1|SUSE13\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"13.1 / 13.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE13.1\", reference:\"gnutls-3.2.4-2.38.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"gnutls-debuginfo-3.2.4-2.38.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"gnutls-debugsource-3.2.4-2.38.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libgnutls-devel-3.2.4-2.38.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libgnutls-openssl-devel-3.2.4-2.38.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libgnutls-openssl27-3.2.4-2.38.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libgnutls-openssl27-debuginfo-3.2.4-2.38.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libgnutls28-3.2.4-2.38.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libgnutls28-debuginfo-3.2.4-2.38.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libgnutlsxx-devel-3.2.4-2.38.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libgnutlsxx28-3.2.4-2.38.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libgnutlsxx28-debuginfo-3.2.4-2.38.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"libgnutls-devel-32bit-3.2.4-2.38.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"libgnutls28-32bit-3.2.4-2.38.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"libgnutls28-debuginfo-32bit-3.2.4-2.38.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"gnutls-3.2.18-14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"gnutls-debuginfo-3.2.18-14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"gnutls-debugsource-3.2.18-14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libgnutls-devel-3.2.18-14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libgnutls-openssl-devel-3.2.18-14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libgnutls-openssl27-3.2.18-14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libgnutls-openssl27-debuginfo-3.2.18-14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libgnutls28-3.2.18-14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libgnutls28-debuginfo-3.2.18-14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libgnutlsxx-devel-3.2.18-14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libgnutlsxx28-3.2.18-14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libgnutlsxx28-debuginfo-3.2.18-14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"libgnutls-devel-32bit-3.2.18-14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"libgnutls28-32bit-3.2.18-14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"libgnutls28-debuginfo-32bit-3.2.18-14.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"gnutls / gnutls-debuginfo / gnutls-debugsource / libgnutls-devel / etc\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-01T01:10:07", "description": "New gnutls packages are available for Slackware 14.0, 14.1, and\n-current to fix security issues. IMPORTANT: On Slackware 14.0, install\nthe new updated nettle package first.", "edition": 22, "published": "2015-08-24T00:00:00", "title": "Slackware 14.0 / 14.1 / current : gnutls (SSA:2015-233-01)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-6251"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/o:slackware:slackware_linux:14.1", "cpe:/o:slackware:slackware_linux:14.0", "p-cpe:/a:slackware:slackware_linux:gnutls", "cpe:/o:slackware:slackware_linux"], "id": "SLACKWARE_SSA_2015-233-01.NASL", "href": "https://www.tenable.com/plugins/nessus/85583", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Slackware Security Advisory 2015-233-01. The text \n# itself is copyright (C) Slackware Linux, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(85583);\n script_version(\"$Revision: 2.2 $\");\n script_cvs_date(\"$Date: 2015/08/26 13:32:36 $\");\n\n script_cve_id(\"CVE-2015-6251\");\n script_xref(name:\"SSA\", value:\"2015-233-01\");\n\n script_name(english:\"Slackware 14.0 / 14.1 / current : gnutls (SSA:2015-233-01)\");\n script_summary(english:\"Checks for updated package in /var/log/packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Slackware host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"New gnutls packages are available for Slackware 14.0, 14.1, and\n-current to fix security issues. IMPORTANT: On Slackware 14.0, install\nthe new updated nettle package first.\"\n );\n # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.395455\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?3958d75a\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected gnutls package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:gnutls\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:14.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:14.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/08/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/08/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015 Tenable Network Security, Inc.\");\n script_family(english:\"Slackware Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"slackware.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\n\nflag = 0;\nif (slackware_check(osver:\"14.0\", pkgname:\"gnutls\", pkgver:\"3.3.17.1\", pkgarch:\"i486\", pkgnum:\"1_slack14.0\")) flag++;\nif (slackware_check(osver:\"14.0\", arch:\"x86_64\", pkgname:\"gnutls\", pkgver:\"3.3.17.1\", pkgarch:\"x86_64\", pkgnum:\"1_slack14.0\")) flag++;\n\nif (slackware_check(osver:\"14.1\", pkgname:\"gnutls\", pkgver:\"3.3.17.1\", pkgarch:\"i486\", pkgnum:\"1_slack14.1\")) flag++;\nif (slackware_check(osver:\"14.1\", arch:\"x86_64\", pkgname:\"gnutls\", pkgver:\"3.3.17.1\", pkgarch:\"x86_64\", pkgnum:\"1_slack14.1\")) flag++;\n\nif (slackware_check(osver:\"current\", pkgname:\"gnutls\", pkgver:\"3.4.4.1\", pkgarch:\"i586\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", arch:\"x86_64\", pkgname:\"gnutls\", pkgver:\"3.4.4.1\", pkgarch:\"x86_64\", pkgnum:\"1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:slackware_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-01T01:10:13", "description": "New gnutls packages are available for Slackware 14.0, 14.1, 14.2, and\n-current to fix a security issue.", "edition": 20, "published": "2016-09-12T00:00:00", "title": "Slackware 14.0 / 14.1 / 14.2 / current : gnutls (SSA:2016-254-01)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-6251"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/o:slackware:slackware_linux:14.2", "cpe:/o:slackware:slackware_linux:14.1", "cpe:/o:slackware:slackware_linux:14.0", "p-cpe:/a:slackware:slackware_linux:gnutls", "cpe:/o:slackware:slackware_linux"], "id": "SLACKWARE_SSA_2016-254-01.NASL", "href": "https://www.tenable.com/plugins/nessus/93411", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Slackware Security Advisory 2016-254-01. The text \n# itself is copyright (C) Slackware Linux, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(93411);\n script_version(\"$Revision: 2.1 $\");\n script_cvs_date(\"$Date: 2016/09/12 13:37:17 $\");\n\n script_cve_id(\"CVE-2015-6251\");\n script_xref(name:\"SSA\", value:\"2016-254-01\");\n\n script_name(english:\"Slackware 14.0 / 14.1 / 14.2 / current : gnutls (SSA:2016-254-01)\");\n script_summary(english:\"Checks for updated package in /var/log/packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Slackware host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"New gnutls packages are available for Slackware 14.0, 14.1, 14.2, and\n-current to fix a security issue.\"\n );\n # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.425821\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c3aee101\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected gnutls package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:gnutls\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:14.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:14.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:14.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/09/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/09/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016 Tenable Network Security, Inc.\");\n script_family(english:\"Slackware Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"slackware.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\n\nflag = 0;\nif (slackware_check(osver:\"14.0\", pkgname:\"gnutls\", pkgver:\"3.3.24\", pkgarch:\"i486\", pkgnum:\"1_slack14.0\")) flag++;\nif (slackware_check(osver:\"14.0\", arch:\"x86_64\", pkgname:\"gnutls\", pkgver:\"3.3.24\", pkgarch:\"x86_64\", pkgnum:\"1_slack14.0\")) flag++;\n\nif (slackware_check(osver:\"14.1\", pkgname:\"gnutls\", pkgver:\"3.3.24\", pkgarch:\"i486\", pkgnum:\"1_slack14.1\")) flag++;\nif (slackware_check(osver:\"14.1\", arch:\"x86_64\", pkgname:\"gnutls\", pkgver:\"3.3.24\", pkgarch:\"x86_64\", pkgnum:\"1_slack14.1\")) flag++;\n\nif (slackware_check(osver:\"14.2\", pkgname:\"gnutls\", pkgver:\"3.4.15\", pkgarch:\"i586\", pkgnum:\"1_slack14.2\")) flag++;\nif (slackware_check(osver:\"14.2\", arch:\"x86_64\", pkgname:\"gnutls\", pkgver:\"3.4.15\", pkgarch:\"x86_64\", pkgnum:\"1_slack14.2\")) flag++;\n\nif (slackware_check(osver:\"current\", pkgname:\"gnutls\", pkgver:\"3.4.15\", pkgarch:\"i586\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", arch:\"x86_64\", pkgname:\"gnutls\", pkgver:\"3.4.15\", pkgarch:\"x86_64\", pkgnum:\"1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:slackware_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-07T10:51:18", "description": "gnutls.org reports :\n\nKurt Roeckx reported that decoding a specific certificate with very\nlong DistinguishedName (DN) entries leads to double free, which may\nresult to a denial of service. Since the DN decoding occurs in almost\nall applications using certificates it is recommended to upgrade the\nlatest GnuTLS version fixing the issue. Recommendation: Upgrade to\nGnuTLS 3.4.4, or 3.3.17.", "edition": 22, "published": "2015-08-17T00:00:00", "title": "FreeBSD : gnutls -- double free in certificate DN decoding (ec6a2a1e-429d-11e5-9daa-14dae9d210b8)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-6251"], "modified": "2015-08-17T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:gnutls", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_EC6A2A1E429D11E59DAA14DAE9D210B8.NASL", "href": "https://www.tenable.com/plugins/nessus/85429", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(85429);\n script_version(\"2.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2015-6251\");\n\n script_name(english:\"FreeBSD : gnutls -- double free in certificate DN decoding (ec6a2a1e-429d-11e5-9daa-14dae9d210b8)\");\n script_summary(english:\"Checks for updated package in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote FreeBSD host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"gnutls.org reports :\n\nKurt Roeckx reported that decoding a specific certificate with very\nlong DistinguishedName (DN) entries leads to double free, which may\nresult to a denial of service. Since the DN decoding occurs in almost\nall applications using certificates it is recommended to upgrade the\nlatest GnuTLS version fixing the issue. Recommendation: Upgrade to\nGnuTLS 3.4.4, or 3.3.17.\"\n );\n # http://www.gnutls.org/security.html#GNUTLS-SA-2015-3\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.gnutls.org/security.html#GNUTLS-SA-2015-3\"\n );\n # http://seclists.org/oss-sec/2015/q3/308\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://seclists.org/oss-sec/2015/q3/308\"\n );\n # https://gitlab.com/gnutls/gnutls/commit/272854367efc130fbd4f1a51840d80c630214e12\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?f89fffc7\"\n );\n # https://vuxml.freebsd.org/freebsd/ec6a2a1e-429d-11e5-9daa-14dae9d210b8.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?4b76315b\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:gnutls\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/07/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/08/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/08/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"gnutls<3.3.17\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-12T09:49:12", "description": "Kurt Roeckx discovered that decoding a specific certificate with very\nlong DistinguishedName (DN) entries leads to double free. A remote\nattacker can take advantage of this flaw by creating a specially\ncrafted certificate that, when processed by an application compiled\nagainst GnuTLS, could cause the application to crash resulting in a\ndenial of service.", "edition": 22, "published": "2015-08-13T00:00:00", "title": "Debian DSA-3334-1 : gnutls28 - security update", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-6251"], "modified": "2015-08-13T00:00:00", "cpe": ["cpe:/o:debian:debian_linux:8.0", "p-cpe:/a:debian:debian_linux:gnutls28"], "id": "DEBIAN_DSA-3334.NASL", "href": "https://www.tenable.com/plugins/nessus/85357", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-3334. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(85357);\n script_version(\"2.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2015-6251\");\n script_xref(name:\"DSA\", value:\"3334\");\n\n script_name(english:\"Debian DSA-3334-1 : gnutls28 - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Kurt Roeckx discovered that decoding a specific certificate with very\nlong DistinguishedName (DN) entries leads to double free. A remote\nattacker can take advantage of this flaw by creating a specially\ncrafted certificate that, when processed by an application compiled\nagainst GnuTLS, could cause the application to crash resulting in a\ndenial of service.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=795068\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/gnutls28\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2015/dsa-3334\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the gnutls28 packages.\n\nFor the stable distribution (jessie), this problem has been fixed in\nversion 3.3.8-6+deb8u2.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:gnutls28\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/08/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/08/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"8.0\", prefix:\"gnutls-bin\", reference:\"3.3.8-6+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"gnutls-doc\", reference:\"3.3.8-6+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"guile-gnutls\", reference:\"3.3.8-6+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libgnutls-deb0-28\", reference:\"3.3.8-6+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libgnutls-openssl27\", reference:\"3.3.8-6+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libgnutls28-dbg\", reference:\"3.3.8-6+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libgnutls28-dev\", reference:\"3.3.8-6+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libgnutlsxx28\", reference:\"3.3.8-6+deb8u2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-09-23T18:55:22", "description": "It was discovered that GnuTLS incorrectly handled parsing CRL\ndistribution points. A remote attacker could possibly use this issue\nto cause a denial of service, or execute arbitrary code.\n(CVE-2015-3308)\n\nKurt Roeckx discovered that GnuTLS incorrectly handled a long\nDistinguishedName (DN) entry in a certificate. A remote attacker could\npossibly use this issue to cause a denial of service, or execute\narbitrary code. (CVE-2015-6251).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 20, "published": "2015-09-02T00:00:00", "title": "Ubuntu 15.04 : gnutls28 vulnerabilities (USN-2727-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-3308", "CVE-2015-6251"], "modified": "2015-09-02T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:15.04", "p-cpe:/a:canonical:ubuntu_linux:libgnutls-deb0-28"], "id": "UBUNTU_USN-2727-1.NASL", "href": "https://www.tenable.com/plugins/nessus/85735", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2727-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(85735);\n script_version(\"2.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/09/22\");\n\n script_cve_id(\"CVE-2015-3308\", \"CVE-2015-6251\");\n script_xref(name:\"USN\", value:\"2727-1\");\n\n script_name(english:\"Ubuntu 15.04 : gnutls28 vulnerabilities (USN-2727-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that GnuTLS incorrectly handled parsing CRL\ndistribution points. A remote attacker could possibly use this issue\nto cause a denial of service, or execute arbitrary code.\n(CVE-2015-3308)\n\nKurt Roeckx discovered that GnuTLS incorrectly handled a long\nDistinguishedName (DN) entry in a certificate. A remote attacker could\npossibly use this issue to cause a denial of service, or execute\narbitrary code. (CVE-2015-6251).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2727-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libgnutls-deb0-28 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libgnutls-deb0-28\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:15.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/08/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/09/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/09/02\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2015-2020 Canonical, Inc. / NASL script (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(15\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 15.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"15.04\", pkgname:\"libgnutls-deb0-28\", pkgver:\"3.3.8-3ubuntu3.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libgnutls-deb0-28\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-07T14:23:00", "description": "gnutls was updated to fix several security vulnerabilities.\n\n - fix double free in certificate DN decoding\n (GNUTLS-SA-2015-3)(bsc#941794,CVE-2015-6251)\n\n - fix invalid read in octet string in bundled libtasn1\n (bsc#929414,CVE-2015-3622)\n\n - fix ServerKeyExchange signature issue\n (GNUTLS-SA-2015-2)(bsc#929690)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 26, "published": "2015-09-11T00:00:00", "title": "SUSE SLED12 / SLES12 Security Update : gnutls (SUSE-SU-2015:1518-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-3622", "CVE-2015-6251"], "modified": "2015-09-11T00:00:00", "cpe": ["cpe:/o:novell:suse_linux:12", "p-cpe:/a:novell:suse_linux:libgnutls28-debuginfo", "p-cpe:/a:novell:suse_linux:libgnutls-openssl27-debuginfo", "p-cpe:/a:novell:suse_linux:gnutls-debugsource", "p-cpe:/a:novell:suse_linux:libgnutls-openssl27", "p-cpe:/a:novell:suse_linux:gnutls", "p-cpe:/a:novell:suse_linux:gnutls-debuginfo", "p-cpe:/a:novell:suse_linux:libgnutls28"], "id": "SUSE_SU-2015-1518-1.NASL", "href": "https://www.tenable.com/plugins/nessus/85901", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2015:1518-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(85901);\n script_version(\"2.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2015-3622\", \"CVE-2015-6251\");\n script_bugtraq_id(74419);\n\n script_name(english:\"SUSE SLED12 / SLES12 Security Update : gnutls (SUSE-SU-2015:1518-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"gnutls was updated to fix several security vulnerabilities.\n\n - fix double free in certificate DN decoding\n (GNUTLS-SA-2015-3)(bsc#941794,CVE-2015-6251)\n\n - fix invalid read in octet string in bundled libtasn1\n (bsc#929414,CVE-2015-3622)\n\n - fix ServerKeyExchange signature issue\n (GNUTLS-SA-2015-2)(bsc#929690)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=929414\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=929690\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=941794\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-3622/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-6251/\"\n );\n # https://www.suse.com/support/update/announcement/2015/suse-su-20151518-1.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?db83bcb0\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Software Development Kit 12 :\n\nzypper in -t patch SUSE-SLE-SDK-12-2015-513=1\n\nSUSE Linux Enterprise Server 12 :\n\nzypper in -t patch SUSE-SLE-SERVER-12-2015-513=1\n\nSUSE Linux Enterprise Desktop 12 :\n\nzypper in -t patch SUSE-SLE-DESKTOP-12-2015-513=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:gnutls\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:gnutls-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:gnutls-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libgnutls-openssl27\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libgnutls-openssl27-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libgnutls28\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libgnutls28-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/05/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/08/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/09/11\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED12|SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED12 / SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP0\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED12\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED12 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"gnutls-3.2.15-11.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"gnutls-debuginfo-3.2.15-11.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"gnutls-debugsource-3.2.15-11.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libgnutls-openssl27-3.2.15-11.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libgnutls-openssl27-debuginfo-3.2.15-11.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libgnutls28-3.2.15-11.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libgnutls28-debuginfo-3.2.15-11.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libgnutls28-32bit-3.2.15-11.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libgnutls28-debuginfo-32bit-3.2.15-11.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"gnutls-3.2.15-11.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"gnutls-debuginfo-3.2.15-11.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"gnutls-debugsource-3.2.15-11.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"libgnutls28-3.2.15-11.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"libgnutls28-32bit-3.2.15-11.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"libgnutls28-debuginfo-3.2.15-11.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"libgnutls28-debuginfo-32bit-3.2.15-11.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"gnutls\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "ubuntu": [{"lastseen": "2020-07-09T00:29:02", "bulletinFamily": "unix", "cvelist": ["CVE-2015-3308", "CVE-2015-6251"], "description": "It was discovered that GnuTLS incorrectly handled parsing CRL distribution \npoints. A remote attacker could possibly use this issue to cause a denial \nof service, or execute arbitrary code. (CVE-2015-3308)\n\nKurt Roeckx discovered that GnuTLS incorrectly handled a long \nDistinguishedName (DN) entry in a certificate. A remote attacker could \npossibly use this issue to cause a denial of service, or execute arbitrary \ncode. (CVE-2015-6251)", "edition": 5, "modified": "2015-09-01T00:00:00", "published": "2015-09-01T00:00:00", "id": "USN-2727-1", "href": "https://ubuntu.com/security/notices/USN-2727-1", "title": "GnuTLS vulnerabilities", "type": "ubuntu", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}]}